FSU Computer Science


News & Announcements

$499,981 Grant Investigated by Dr. Tyson and Dr. Whalley

September 17, 2009

Title: "Reducing Virus Propagation in Mobile Devices".
PI: Gary Tyson
co-PI: David Whalley
Amount: $499,981
This is a 3-year grant from the NSF.

Abstract:

Mobile computer systems and software are increasingly subject to a host of security threats and malicious software (malware) attacks due to vulnerabilities in their coding. The difficulty in achieving secure systems is further compounded by the prevalence of unsophisticated users and the increasing reliance on third-party software integration by enabling software module plugins for such user applications as web browsers and search engines. Traditional approaches have sought to provide an absolute defense to specific malware attacks by patching software vulnerabilities or detecting and blocking malware. One difficulty with these approaches for small mobile platforms is that the design constraints on these devices often favor low power to maximize battery life over enhancements to support security protocols. The current situation also represents a programmatic arms race between patching existing vulnerabilities and exploiting vulnerabilities in new application code.

This research develops a new secure mobile computing environment based on current mobile technology widely available as consumer end products that seeks to use program differentiation to reduce the propagation rate of malware when a software vulnerability exists. This results not in the direct elimination of security vulnerabilities, but in the dramatic reduction in scope of any security exploit to infect large numbers of systems. By constraining the outbreak to only a few systems, countermeasures can be employed before significant economic damage can result. By modifying aspects of the execution of the application, application executables can be permuted into unique versions for each distributed instance. Differentiation is achieved using hardware and/or systems software modifications. Areas of differentiation include function call/return and system call semantics, as well as a proposal for hardware-supported Instruction Register File access and intrusion detection monitoring.
Differentiation of executables hinders analysis for vulnerabilities and prevents the exploitation of a vulnerability in a single distributed version from propagating to other instances of that application. By focusing on prevention of malware propagation in addition to traditional absolute defenses, we target the economics of malware in order to make attacks prohibitively expensive and infeasible.